[meithecatte]

It's also how wasm works, and in some sense -- JavaScript. Somehow, these introduce much less security problems.

[muricula]

https://github.com/tunz/js-vuln-db

I'm not sure Javascript has fewer security problems at all. Sandboxes help a lot, but not all sandboxes are equally strong and Javascript engines routinely get popped.

[iainmerrick]

JavaScript doesn’t give you nearly as much access to host OS features as the JVM does. (And there sometimes are security problems when it does.)

[staticassertion]

But it's not really interesting to compare js to java, we should be comparing to ebpf.

[ixtli]

The 'somehow' seems rather clear to me when you look at how the organizations who governed these languages and how they're run.